@echo off
setlocal enabledelayedexpansion

:: === 配置区域 ===
set "CERT_PATH=your_cert.pfx"
set "CERT_PASS=your_password"
set "TIMESTAMP_URL=http://timestamp.digicert.com"
set "SIGNTOOL_PATH=C:\Program Files (x86)\Windows Kits\10\bin\x64\signtool.exe"
set "TARGET_DIR=."
set "FILE_PATTERNS=*.exe *.dll *.ocx *.msi *.cab"

:: === 验证signtool存在 ===
if not exist "%SIGNTOOL_PATH%" (
    echo Error: signtool.exe not found at %SIGNTOOL_PATH%
    pause
    exit /b 1
)

:: === 签名过程 ===
echo Starting digital signing process...
echo Target directory: %TARGET_DIR%
echo File patterns: %FILE_PATTERNS%
echo.

set "success_count=0"
set "fail_count=0"

for %%p in (%FILE_PATTERNS%) do (
    for /r "%TARGET_DIR%" %%f in (%%p) do (
        echo Signing: %%f
        "%SIGNTOOL_PATH%" sign /f "%CERT_PATH%" /p "%CERT_PASS%" /t %TIMESTAMP_URL% /v "%%f"
        if errorlevel 1 (
            echo [ERROR] Failed to sign %%f
            set /a "fail_count+=1"
        ) else (
            echo [SUCCESS] Signed %%f
            set /a "success_count+=1"
        )
        echo.
    )
)

echo Signing completed.
echo Successfully signed files: !success_count!
echo Failed to sign files: !fail_count!

if !fail_count! gtr 0 (
    echo Warning: Some files failed to be signed.
    pause
    exit /b 1
)

echo All files signed successfully.
pause